04 Sep / 2024
Cythera News
We’ve recently seen a rapid evolution in the sophistication of automated cybersecurity applications and functionality. Tools such as Next Generation Firewalls (NGFWs) and Artificial Intelligence-driven Intrusion Detection Systems (AI-IDS) have rapidly transformed from simple, rule-based defences into intelligent, adaptive guardians of digital environments. While these tools offer tremendous capabilities, IBM suggests that when combined with the power of tier 1 and 2 security analysts, automated solutions can only handle around 80% of threats. The kicker here is that the remaining 20% are often more sophisticated, more challenging to detect and more capable of causing significant damage.
With advancements in threat defence technology and awareness, a hardened attack surface has forced these advanced adversaries to adopt and rely on techniques that allow them to move faster and evade detection.
This article looks at the current threats facing businesses across Oceania, the integral role threat hunting plays in protecting enterprises against cyber risks and how Cythera’s new always-on threat-hunting capabilities facilitate threat hunting at scale, protecting you against the other 20%.
Over the past two years, the Australian Cyber Security Centre (ACSC) has observed a marked increase in cyberattacks targeting businesses across various sectors in Australia. There has been a notable rise in identity-based and cloud-focused attacks, where adversaries leverage the systems intended to protect organisations, such as VPNs and cloud services, to gain unauthorised access.
Additionally, attacks on critical infrastructure have surged, with state actors primarily driving these efforts. By employing sophisticated techniques to exploit vulnerabilities in connected operational technology, these attacks have been successful in disrupting essential services across ANZ.
Australia also saw a significant rise in interactive intrusions in 2023. Interactive intrusions represent a particularly sophisticated class of cyberattacks, where adversaries establish an active, persistent presence within a target network. These attacks are distinct from automated attacks in that they involve real-time human operators: hackers who interact directly with systems, using ‘hands-on-keyboard’ tactics to adapt their strategies as they move through the network.
Key characteristics of interactive intrusions include:
Interactive intrusions pose a significant challenge to organisations because they require advanced threat-hunting and incident-response capabilities to detect and mitigate. Traditional security tools, COTS solutions, and automated systems often fail to identify these next-level attacks, necessitating a more proactive, human-centric approach to cybersecurity.
Adversaries are increasingly using “living off the land” tactics, leveraging stolen identities and legitimate tools already present within a network to minimise their footprint. This approach reduces the chances of triggering traditional security alerts, as the adversaries’ activities can closely mimic regular user or system administrator actions. This makes it exceptionally difficult for defenders to distinguish between malicious behaviour and everyday operations.
As adversaries adopt new tactics, Cythera remains at the forefront of cybersecurity innovation. Our team has been working diligently behind the scenes to develop and enhance capabilities that keep pace with these evolving threats and stay one step ahead. Cythera’s new always-on threat-hunting capabilities are designed to counteract even the most sophisticated attacks, effectively stopping adversaries before they can get close to compromising your network.
Experience the difference with Cythera’s HU-MANaged Detection and Response service, a solution that adapts to your needs and goes beyond inflexible, one-size-fits-all MDR tools.
Schedule a demo today, and we’ll provide a free security tooling evaluation to assess your current workplace defences. As a thank you, we’re also offering an Apple AirTag or Android-compatible ‘Tile’.